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Title: METHOD AND DEVICE FOR CRYPTOGRAPH I CALL Y PROCESSING 
DATA 

COMMISSIONER FOR PATENTS 
BOX PCT 

Washington, D. C. 20231 
SIR: 

PRELIMINARY AMENDMENT 

Please amend the above-identified patent 
application which is simultaneously filed herewith, as 
follows : 

IN THE CLAIMS - 

To facilitate entry of the following changes, the Applicants 
have also submitted herewith substitute pages providing all 
the pending claims, as they now stand, incorporating the 
changes indicated below. 
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Amend the following claims: 



— 1. (amended) Method for cryptographically processing 
data, comprising feeding, to a cryptographic process (P) , 
values, namely, the data (X) and a key (K) , and carrying out 
the process (P) in order to form cryptographically processed 
output data (Y) , [characterised] characterized by feeding, 
to the process (P) , auxiliary values (K*; A, B) and 
compensating, by an auxiliary process, the influence of the 
auxiliary values to the output data, in order to mask the 
values (K; D) used in the process (P) . — . 

Claim 4, line 1 Delete "or 3"; 

Claim 5, line 1 Delete "3 or 4,"; 

Claim 7, line 1 Change "any of the claims 2-6" to 



--claim 2--; 



Claim 8, line 1 



Change "any of the preceding 
claims" to — claim 1--; 



Claim 10, line 1 



Delet 



e "or 9"; 



Claim 12, line 1 



Change "claims 10 and 11" to 
--claim 11--; 



Claim 13, line 1 



Change "any of the claims 8-12" to 
--claim 8--; 



Claim 14, line 1 



Change "any of the claims 9-13" to 
--claim 9--; 



Claim 16, 



line 1 



Delete 



or 15 
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Claim 18 , line 1 



Change "any of the claims 8-17" to 
— claim 8--; 



Claim 20, line 1 



Chang 



e "any of the claims 8-19" to 
--claim 8--; 



Claim 21, line 1 



Chang 



e "any of the preceding 
claims" to --claim 1 — ; 



Claim 22, line 1 



Chang 1 



e "any of the preceding 
claims" to — claim 1 — ; 



and 



Claim 23, lines 1-2 



Chang- 



e "any of the preceding 
claims" to --claim 1--. 



REMARKS 



The foregoing amendment is made to conform the 



claims in the application to that amended in the 
International Preliminary Examination Report and to delete 
multiple dependent claims. 
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CLAIMS 



1 1. Method for cryptographically processing data, 

2 comprising feeding, to a cryptographic process (P) , values, 

3 namely, the data (X) and a key (K) , and carrying out the 

4 process (P) in order to form cryptographically processed 

5 output data (Y) , characterized by feeding, to the 

6 process (P) , auxiliary values (K*; A, B) and compensating, 

7 by an auxiliary process, the influence of the auxiliary 

8 values to the output data, in order to mask the values (K; 

9 D) used in the process (P) . 

1 2. Method according to claim 1, wherein an auxiliary 

2 value comprises a supplementary key (K*) which is fed to a 

3 supplementary process (P*) in order to form the key (K) . 

1 3. Method according to claim 2, wherein the supplementary 

2 process (P*) comprises a cryptographic process to which an 

3 auxiliary key (K f ) is fed. 

1 4. Method according to claim 2, wherein the supplementary 

2 process (P*) is an invertible process. 

1 5. Method according to claim 2, wherein the data (X) is 

2 also fed to the supplementary process (P*) . 

1 6. Method according to claim 5, wherein carrying out the 

2 supplementary process (P*) takes place exclusively if the 

3 data (X) has predetermined properties. 



-14- 



1 ' 7. Method according to claim 2, wherein the process (P) 

2 and the supplementary process (P*) each are built up from a 

3 number of steps, and wherein steps of the process (P) and 

4 the supplementary process (P*) are alternated. 

1 8. Method according to claim 1, wherein the process (P) 

2 comprises a number of steps (Si) , each having a 

3 cryptographic operation (F±, Fi ! , Fi") for processing 

4 right-hand data (RD±) derived from the data (X) and a 

5 combinatory operation (C±) for combining with left-hand 

6 data (LDi) also derived from the data (X) , the processed 
...7 right-hand data (FDi) in order to form modified left 

F! 8 data (SDi) , and wherein the right-hand data (RDi) is 

)l 9 combined with a primary auxiliary value (Ai) prior to the 

4.0 first step (Si) and the left-hand data (LDi) is combined 

?il with an additional auxiliary value (A 0 ) . 

3 1 9. Method according to claim 8 wherein, immediately after 

[{2 the last step (S n ) , the right-hand data (RD n ) is combined 

ll 3 with a further primary auxiliary value (A n ) and the modified 

2 4 left-hand data (SD n ') is combined with a further additional 

5 auxiliary value (A n +i) - 

1 10. Method according to claim 8, wherein the right-hand 

2 data (RDi) is combined, in each step (Si) and prior to the 

3 operation (Fi f ), with the primary auxiliary value (A ± ) of 

4 said step (Si) . 
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1 ' 11. Method according to claim 10, wherein the processed 

2 right-hand data (FD ± ) is combined, following the 

3 operation (F±) , with the secondary auxiliary value (Bi) of 

4 said step (Si) . 

1 12, Method according to claim 11, wherein the secondary 

2 auxiliary value (B ± ) of a step (Si) is formed from the 

3 combination of the primary auxiliary value (A±-i) of the 

4 preceding step and the primary auxiliary value (A i+ i) of the 

5 next step. 

1 13. Method according to claim 8, wherein all primary 

2 auxiliary values (Ai) are equal. 

1 14. Method according to claim 9, wherein the primary 

2 auxiliary values (A ± ) and/or secondary auxiliary values (B ± ) 

3 have each time been combined with the respective 

4 operation (Fi) in advance. 

1 15. Method according to claim 14, wherein a combined 

2 operation (Fi ! ) contains several tables, and wherein the 

3 tables are determined in a different order each time the 

4 process (P) is carried out. 

1 16. Method according to claim 14, wherein a combined 

2 operation (Fi ! ) contains several tables, and wherein the 

3 elements of the tables are determined and/or stored in a 

4 different order each time the process (P) is carried out. 
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1 c 17. Method according to claim 16, wherein the order is 

2 stored as a lookup table for the benefit of reading out the 

3 elements. 

1 18. Method according to claim 8, wherein the right-hand 

2 data (RDi) is combined with a tertiary auxiliary value (Wi) 

3 after each step (Si) . 

1 19. Method according to claim 18, wherein the tertiary 

2 auxiliary value (Wi) in all steps, except the last one (S n ) 

3 is equal to the combination of the primary auxiliary 

4 value (Ax) of the first step (Si) and the additional 

5 auxiliary value (A 0 ) , and in the last step (S n ) is equal to 

6 zero. 

1 20. Method according to claim 8, wherein combining is 

2 carried out using an XOR operation. 

1 21. Method according to claim 1, wherein the data (X) 

2 comprises identification data of a payment means (1) and 

3 the processed data (Y) forms a diversified key. 

1 22. Method according to claim 1, wherein the process (P) 

2 comprises DES, preferably triple DES. 

1 23. Circuit (10) for carrying out the method according to 

2 claim 1. 

1 24. Payment card (1), provided with a circuit (10) 

2 according to claim 23. 
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1 * 25. Payment terminal (2) provided with a circuit (10) 

2 according to claim 23. 
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Method and device for cryptographicaily processing data. 

BACKGROUND OF THE INVENTION 

The invention relates to a method for cryptographicaily 
processing data, comprising feeding, to a cryptographic process, 
values, namely, the data and a key, and carrying out the process 
in order to form cryptographicaily processed data. Such method 
is generally known. 

For cryptographicaily processing data, in practice there 
are often applied generally known processes. Examples of such 
cryptographic processes (algorithms) are DES and RSA [DES = Data 
Encryption Standard and RSA = Rivest, Shamir & Adleman] , which 
are described, e.g., in the book w Applied Cryptography" by B. 
Schneier (2nd edition), New York, 1996. 

Said processes are published since it was assumed that, in 
the event of sufficiently large key lengths, it would be 
impossible, on the basis of the processed data, to retrieve the 
original data and/or the key, even if the cryptographic process 
were known. 

However, Cryptographic algorithms can be attacked -the goal 
always is to find the encryption key in use- in different ways : 

(1) Mathematical attacks like differential and linear 
cryptanalysis ; 

(2) Hardware oriented attacks, called "Side Channel Attacks", 
viz. attacks based on power consumption analysis or I/O timing 
analysis . 

US-A-5745577 discloses a method for advanced key scheduling of a 
secret key. The aim is to offer a protection against said 
mathematical attacks (differential and linear cryptanalysis) by 
amending the encryption algorithm. Amending the algorithm will 
cause change of its output and thus the disclosed method does not 
present any improvement against said %x Side Channel Attacks". 
SUMMARY OF THE INVENTION 

The present invention aims to improve the protection of 

a cryptographic device against "Side Channel Attacks*'. In short, 
said improvement is achieved by masking the data and/ or the key 
by means of generating extra, auxiliary input (data or key) and 
compensating its influence to the output by adding, to the "main" 
encryption process, an auxiliary (compensating) process. By said 
masking measures it will be much more difficult to derive the 
value of data or key from the behaviour of the power consumption 
of the cryptographic device (see page 1 lines 32-34). Said 
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masking, however, happens in such a way that the result of the 
porcess as a whole remains unchanged: with the same input and key 
the amended algorithm results into the same, unchanged output. 

Thus the invention present a method of the type' a*€f erred to in 
the preamble according to the invention which is characterised by 
feeding, to the process, auxiliary values, while compensating, by 
means of an auxiliary process, the influence of the auxiliary 
values to the output data, in order to mask the values used in 
the process. 

By masking the date and/ or key{s) it becomes considerably 
more difficult to derive said values on the basis of the 
behaviour of the process* The result of the process, i.e., the 
collection of processed data, in the event of a suitable choice 
of the auxiliary values may be unchanged, i.e., identical to the 
result of the process, if no auxiliary values have been fed to 
it. In this connection, an * auxiliary value" is understood to 
mean a value (data or key) which is fed to the process as a 
supplement to the corresponding data and key. 
The invention is therefore based on the insight that the 
derivation of the values used in a cryptographic process is 
rendered considerably more difficult if said values are masked 
using said auxiliary values and said auxiliary process. 

The invention is partly based on the further insight that 
the use of auxiliary values does not necessarily affect the 
outcome of the process. 

In a first embodiment of the invention, an auxiliary value 
comprises a supplementary key which is fed to a supplementary 
process in order to form the key. 

By applying a combination of a known process and a 
supplementary process, there is formed a new cryptographic 
process, unknown per se, even if the supplementary process is 
also known per se. 

By deriving the key used for the known process (primary 
key) from a supplementary key [secondary key) using a 
supplementary process, there is achieved that not the (primary) 
key of the known process but the supplementary (secondary) key is 
offered to the combination of processes. In other words, 
externally the supplementary (secondary) key, and not the real 
(primary) key of the process proper, is used. Derivation of the 
key from the original data and the processed data has thereby 
become impossible. In addition, the derivation of the 
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If, e,g./ a first device gives off a (supplementary) key which is 
applied in a second device according to the invention, then in 
the first device there may be used the inverse of the 
supplementary process to derive the supplementary key from the 
5 original key. In other words, although in both the first and the 

second device internally the original (primary) key is used, 
there is exchanged, between the devices, the supplementary 
(secondary) key. Intercepting the supplementary key, however, 
does not result in knowledge of the original key, 

10 It may be advantageous if carrying out the supplementary 

process takes place exclusively if the data has predetermined 
properties. In this manner, cryptographic processing may be 
carried out for specific, selected data only, while such is 
blocked for all other data. In this manner, there is achieved a 

15 supplementary protection. 

An optimum security is provided if the process and the 
supplementary process are each constructed of several steps and 
in which there are alternately carried out steps of the process 
and the supplementary process. As a result, the properties of 

20 the known process are further veiled, as a result of which the 

derivation of the keys is further complicated. 

In a second embodiment of the invention, the process 
comprises several steps, each of which has a cryptographic 
operation for processing right-hand data derived from the data 

25 and a combinatory operation for combining, with the left-hand 

data derived from the data, the processed right-hand data in 
order to form modified left-hand data, in which the right-hand 
data, prior to the first step, is combined with a primary 
auxiliary value and the left-hand data is combined with an 

30 additional auxiliary value. As a result, the data used in the 

steps and transferred between the steps is masked. 

In order to make it possible for the primary and additional 
auxiliary values do not make themselves felt in the end result of 
the process, the right-hand data is combined, preferably 

35 immediately after the last step, with a further primary auxiliary 

value, and the modified left-hand data is combined with a further 
additional auxiliary value. 

In order not to have the result of the operations affected 
by the primary auxiliary values, the method according to the 

40 invention is preferably carried out in such a manner that the 

right-hand data, in each step and prior to the operation, is 
combined with the primary auxiliary value of said step. 
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A further protection is achieved if the processed right- 
hand data, following the processing, is combined with a secondary 
auxiliary value of said step. 

5 The secondary auxiliary value of a step is advantageously 

formed from the combination of the primary auxiliary value of the 
preceding step and the primary auxiliary value of the next step. 
As a result, it becomes possible to compensate the auxiliary 
value in the repeatedly next step, as a result of which said 

10 auxiliary value will not make itself felt in the end result of 

the process. 

It is possible to carry out the method according to the 
invention in such a manner, that all primary auxiliary values are 
equal. As a result, a very simple practical realisation is 

15 possible. The use of several auxiliary values, which are 

preferably random numbers and are generated anew for each time 
the process is carried out, however, offers a greater 
cryptographic security. 

A further simplification of said embodiment may be obtained 

20 if the primary auxiliary values and/or secondary auxiliary values 

repeatedly have been combined in advance with the operation in 
question. This is to say, combining with auxiliary values is 
processed in the operation in question (e.g., a substitution), in 
such a manner that the result of the operation in question is 

25 equal to that of the original operation plus one or two 

combinatory operations with auxiliary values. By in advance 
including in the operation the combinatory operations, a more 
simple and faster practical realisation is possible. 

Said combinatory operations are preferably carried out 

30 using an XOR operation [XOR = exclusive OR] . Other combinatory 

operations, however, such as binary adding, are basically 

possible as well. 

The invention further provides a circuit for carrying out a 
method for cryptographically processing data. In addition, the 
35 invention supplies a payment card and a payment terminal provided 

with such circuit. 

Below, the invention will be further explained on the basis 
of the exemplary embodiments shown in the figures. 

40 BRIEF DESCRIPTION OF THE DRAWINGS 

FIG. 1 schematically shows a cryptographic process 
according to the prior art. 
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FIG* 2 schematically shows a first cryptographic process 
according to~a first embodiment of the invention. 

FIG. 3 schematically shows a second cryptographic process 
according to a first embodiment of the invention. 
5 FIG. ^^schematically shows a way in which the processes of 

figures FIG. 1 and 2 may be carried out. 

FIG. 5 schematically shows a cryptographic process having 
several steps according to the prior art. 

FIG. 6 schematically shows a first cryptographic process 
10 according to a second embodiment of the invention. 

FIG. 7 schematically shows a second cryptographic process 
according to a second embodiment of the invention. 

FIG. 8 schematically shows a third cryptographic process 
according to a second embodiment of the invention. 
25 FIG. 9 schematically shows a circuit in which the invention 

is applied.*"" 

FIG. 10 schematically shows a payment system in which the 
invention is applied. 

20 PREFERRED EMBODIMENTS 

A (cryptographic) process P according to the prior art is 
schematically shown in FIG. 1. To the process P, there are fed 
input data X and a key K. On the basis of the key K, the process 
p converts the input data X into (cryptographically) processed 
25 output data Y: Y = P K (X) . The process P may be a known 

cryptographic process, such as DES (Data Encryption Standard), 
triple DES, or RSA (Rivest, Shamir & Adleman) . 

If the input data X and the output data Y are known, it is 
basically possible to derive the key K used. In the event of a 
30 key of sufficient length {i.e., a sufficient number of bits), it 

was so far deemed impossible to derive said key, even if the 
process P were known. Impossible in this case is to say that in 
theory it is admittedly possible, e.g., by trying out all 
possible keys, to retrieve the key used, but that such requires 
35 an impossibly long computational time. Such *brute-force attack" 

is therefore hardly a threat to the cryptographic security. 

Attacks recently discovered, however, make use of knowledge 
of the process, as a result of which the number of possible keys 
may be reduced drastically. Deriving the key K used and/or the 
40 input data X from the output data Y therefore becomes possible 

within acceptable computational times. 

The principle of the invention, whose object it is to 
render such attacks considerably more difficult and time- 
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consuming, is schematically shown in FIG. 2. Just as in FIG. 1, 
to a (known) process P there are fed input data X and a (secret) 
key K to generate output data Y. 

Contrary to the situation of FIG. 1, in the situation of 
5 FIG. 2 the key K is fed to the process P from a supplementary 

process P*. The supplementary process P* has a supplementary 
(secondary) key K* as input data to produce, under the influence 
of an auxiliary key K' , the (primary) key K as output data. The 
key K is therefore not fed, as is the case in the situation of 
10 FIG. 1, from an external source (e.g., a memory) to the process 

P, but is produced by the process P* from the supplementary 
(secondary) key K* : 

K = P* K - (K) - 

15 

It is therefore the secondary key K* , instead of the 
primary key K, which is predetermined and stored, e.g., in a key 
memory (not shown) . According to the invention, the primary key 
K, which is fed to the process P, is not predetermined. 

20 The auxiliary key K' may be a permanently stored, 

predetermined key. It is also possible to apply a supplementary 
process P* in which no auxiliary key K' is used. 

The combination of the processes P and P* forms a new 
process which is schematically designated by Q. To the process Q 

25 which, on account of the supplementary process P*, is unknown per 

se, the input data X and the (secondary) key K* are fed to 
produce the output data Y. The relationship between the 
secondary key K* and the primary key K is veiled by the 
supplementary process P*. 

30 The supplementary process P* preferably is the inverse of 

another, invertible process R. This is to say: 

P* = R" 1 . 

35 This enables producing the secondary key K* from the 

primary key K using R and the auxiliary key K' : 

K* = Rr* (K) , 



40 



as will be further explained later by reference to FIG. 5. The 
new process Q may possibly be extended by the process R, in such 
a manner that the primary key K, instead of the secondary key K*, 



WO 00/41356 PCT/EP99/10208 

7 

is fed to the process Q. The primary key K in this case in the 
process Q is derived from: 

K * P*K' (K*) = P* K ' (Rk' (K) ) . 

This enables using the same (primary) key as in the prior 

art. 

The cryptographic process Q according to the invention, 
schematically shown in FIG. 3, also comprises a process P having 
a primary key K and a supplementary process P* having an 
auxiliary key K' , the primary key K being derived from the 
supplementary key K* by the supplementary process P*. 
Supplementing the process of FIG. 1, in this case the input data 
X is also fed to the supplementary process P*, in such a manner 
that the primary key K is determined partly as a function of the 
input data X: 

K = P*k<<K*,X) . 

As a result, there is obtained a supplementary 
cryptographic protection. In addition, as a result the 
possibility is offered to carry out the supplementary process P* 
exclusively if certain input data is offered. This is to say 
that the supplementary process P* may comprise a test of the 
input data X, and carrying out the supplementary process P* may 
depend on the result of said test. Thus, the supplementary 
process P*, e.g., may be carried out only if the last two bits of 
the input data X equal zero. The effect of such an input data- 
dependent operation is that only for certain input data X the 
correct primary key K will be produced in such a manner that only 
said input data will deliver the desired output data Y. It will 
be understood that as a result the cryptographic security is 
further enhanced. 

FIG. 4 schematically shows the way in which substeps of the 
processes P and P* may be carried out alternatingly 
(* inter leaving") in order to further enhance the protection 
against attacks. The substeps may include so-called * rounds " , 
such as, e.g., in the case of DES . The substeps, however, 
preferably comprise only one or a few instructions of a program, 
with which the processes are being carried out. 

In a first step 101, there is carried out a first sub step p x 
of the process P. Subsequently, in a second step 102, the first 
substep Pi* of the supplementary process P* is carried out. 
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Likewise, in a third step 103, the second substep P 2 of the 
process P is carried out etc. This continues until, in step 110, 
the last substep P n * of the supplementary process P* has been 
carried out, it being assumed, for the sake of the example, that 

5 the processes P and P* comprise an equal number of substeps. If 

such is not the case, in step 110 there is carried out the last 
corresponding substep, and in further steps the remaining 
substeps are carried out. 

By alternating the substeps of the process P, which is 

10 known per se, and the process P* (possibly known per se as well) , 

there may be obtained a series of substeps which does not 
correspond to that of a known process. As a result, the nature 
of the process is more difficult to recognise. 

The cryptographic process P schematically shown, only by 

15 way of example, in FIG. 5, according to the prior art comprises 

several steps S± (i.e., S x , S 2 , S n ) . In each step Si, (right- 

hand) data RDi is fed to a cryptographic operation F ± - Said 
cryptographic operation may itself comprise a number of substeps, 
such as an expansion, a combination with a key, a substitution 

20 and a permutation which, however, have not been designated 

separately for the sake of the simplicity of the drawing. The 
cryptographic operation Fi provides processed data FD i: 

FDi * F ± (KDi) * 

25 

In a combinatory operation CCi (CCi, CC 2 , the index i always 

indicating the step S in question) , the processed data FD A is 
combined with left-hand data LDi to form modified (left-hand) 
data SDi which, just as the original right-hand data RD, is 

30 passed on to the next step. The combinatory operations CCi 

preferably are XOR operations (symbol: ®) - 

As is shown in FIG, 5, at the end of each step Si the 
modified left-hand data SDi and the right-hand data RDi change 
positions in such a manner that they form the right-hand data 

35 RDi +i and the left-hand data LD i+1 of the next step S i+ i. 

The left-hand data and the right-hand data RDi of the 
first step S x were derived, in a preceding operation, from input 
data X and, in doing so, may undergo a preparatory processing, 
such as an input permutation. The output data SD n and RD n of the 

40 last step S n form the processed data Y of the proces P, possibly 

after it has undergone a final operation, such as an output 
permutation PP" 1 . 
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The cryptographic process of FIG. 6 largely corresponds to 
that of PIG. 5. In accordance with the invention, the data 
present in and between the steps is masked with auxiliary values. 
For this purpose, in this embodiment the first step S x is 
5 preceded by (preparatory) combinatory operations DC and EC, which 

are preferably XOR operations as well. They combine the left- 
hand data LDi and the right-hand data RD 1# respectively , which 
originate from the preparatory operation (PP) , with a zeroth 
auxiliary value Ao and a first auxiliary value Ai. The results of 

10 the combinatory operations DC and EC are left-hand masked data 

IJ) 1 ! and right-hand masked data RDi 1 , respectively [in the 
continuation of this text, masked data will be designated by an 
apos trophy) . The maskings make themselves felt in the subsequent 
steps. Since the left-hand data of the second step S 2 is equal 

15 to the masked right-hand data of the first step S X/ said left- 

hand data IiD r 2 is masked as well. The right-hand data RD 2 1 of the 
second step is masked since it is equal to the masked, modified 
data SDj. ' . 

Combining the data LDi and RD A with the auxiliary values A t 
20 therefore results in the modified data LDi 1 and RDi' being masked, 

as a result of which it is considerably more difficult to derive 
the original data X or the key used from the masked data LDi 1 and 

In order to remove the auxiliary values A± prior to the 

25 final operation (PP" X ) , there are provided completing combinatory 

operations FC and GC, which combine the modified and masked left- 
hand data SD'„ of the last step S n with an auxiliary value A^i and 
the masked right-hand data RD n f with an auxiliary value An, 
respectively. On account of Ai & Ai being zero in this manner the 

30 maskings are removed by the auxiliary values Ai. As a result, it 

is possible to carry out the method in such a manner that, 
notwithstanding the use of the auxiliary values Ai, the final 
data Y is equal to that which would have been obtained by the 
conventional method according to FIG. 5. 

35 In order to exclude the effect of the auxiliary values A ± on 

the results FD* of the operations Fi, in each step Si there is 
preferably present a supplementary combinatory operation ACi 
which combines the right-hand data RDi with a (primary) auxiliary 
value Ai before this data is fed to the cryptographic operation 

40 Fi. The result of each supplementary combinatory operation ACi is 

non-masked right-hand data RDi, so that the cryptographic 
operation Fi works on the same data as in the process of FIG. 5. 
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There may be advantageously inserted a further combinatory 
operation BCi between the cryptographic operation F± and the 
combinatory operation CC± with the purpose of combining the 
processed (right-hand) data FD £ with a further (secondary) 
5 auxiliary value B^ As a result, there may be achieved a masking 

of the processed data Ft>i and a further masking of the (modified) 
left-hand data SDi' . The combinatory operations AC A and BCi 
preferably are XOR operations as well* 

In accordance with a further aspect of the invention, the 
10 auxiliary values Ai and Bi are related. The secondary auxiliary 

values Bi are formed, preferably using an XOR operation, from the 
first auxiliary value A^x of the previous step and the auxiliary 
value A i+ i of the next step: 

15 B ± = Ai-i © A i+1 . 

This results in each primary auxiliary value A i+1 which, using a 
further supplementary combinatory operation BCi, is combined with 
the processed right-hand data FDi as an ingredient of the 

20 secondary auxiliary value Bi, repeatedly being compensated in the 

next step, i.e., step S i+1 , by means of a combinatory operation ACi 
before the right-hand data RD i+i is subjected to the operation Fi. 
The (masked) right-hand data RDi 1 in question, which forms the 
(masked) left-hand data U> 1+1 ' of the still next step S i+2 are 

25 combined there with the primary auxiliary value A i+1 and is 

compensated in this manner. The auxiliary value A i+ i makes itself 
felt in the modified data SDi 1 , in such a manner that this 
remains masked between two steps. 

The left-hand data LDi of the first step Si is masked with 

30 the additional or zeroth (primary) auxiliary value A 0 . By 

combining, with the secondary auxiliary value B* = Aq ® A 2 , the 
initial auxiliary value A 0 is removed (on account of Aq © A 0 being 
zero) , but the auxiliary value A 2 and the masking achieved 
therewith are maintained. The zeroth auxiliary value Ao in this 

35 embodiment is preferably chosen equal to the first auxiliary 

value Ai. 

Although all primary auxiliary values Ai are preferably 
chosen different, with the exception of Ao « A lf it is possible to 
choose all primary auxiliary values A ± equal. In this case, all 
40 secondary auxiliary values Bi in the embodiment shown will be 

equal to zero, so that the further combinatory operations BCi may 
be omitted. The invention further applies to processes P which 
contain only one step S, or have a deviating structure* 
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In the process of FIG. 7, which largely corresponds to that 
of FIG. 6, the combinatory operations ACi and BQ. and the 
cryptographic operation Fi in each step are integrated to form a 
combined operation Fi' . Integrating the combinatory operations 
5 in the operations F t is possible by suitably adjusting, e.g., a 

substitution table of the operation Fi. As a result, the 
supplementary combinatory operations ACi and BC A may be omitted 
and the result of the adjusted operation Fi f is equal to the 
result of the total of the operation Fi proper and the 
10 combinatory operations: 

FDi r = Fi' (RDi') * Bi © Fi (Ai © R3V ) . 
Basically, each step Si requires a different combinatory 
operation F A in which various auxiliary values Ai are integrated 

15 (see FIG. 6) . Only if the auxiliary values A ± are chosen equal, 

i.e., A x s=A 2 = ... = A n , the combinatory operations Ft in this 
embodiment may be equal. 

Each time the process is carried out, the values A ± are 
preferably chosen anew. For the process of FIG. 7, this means 

20 that the combined operations F ± ' are then determined anew. Since 

the operations Fi 1 in many implementations will comprise the use 
of several tables, such as substitution tables, said tables will 
be determined anew each time the process P is carried out. In 
order to offer a supplementary protection against attacks, 

25 according to a further aspect of the invention the tables will be 

determined in random order. If a combined operation Fi f 
comprises, e.g., eight tables, said eight tables will be 
determined in another order each time said operation Fi' is 
carried out anew. Said order may be determined on the basis of 

30 the contents of an order register, which contents may each time 

be formed by a random number originating from a random-number 
generator. On the basis of the contents of the order register 
there may each time be composed a fresh lookup table. Using the 
lookup table, the tables may be written to a memory and later be 

35 read out. 

According to a further aspect of the invention, 
supplementing this or instead thereof, the elements of each table 
may be determined and/or stored in random order. With this 
measure it is achieved that the protection against attacks is 

40 also improved. In this case, too, there may be applied a lookup 

table on the basis of which the elements may later be retrieved. 

The measures referred to above may also be applied in 
another embodiment of the invention, such as the one of FIG. 8, 
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or in completely different other processes, whether cryptographic 
or not. 

The embodiment of FIG. 8 largely corresponds to that of 
FIG. 7. Supplementing FIG. 7, each step Si, with the exception 
5 of the last step S n/ includes a combinatory operation Hd which 

combines the right-hand data RDi with a tertiary auxiliary value 
Wi. The tertiary auxiliary value Wi preferably equals the XOR 
combination of the auxiliary values Ao and A a : 

10 W « A 0 0 A lf 

where ^ ^ A a . 

This results in the operation HCi always adding the zeroth 
auxiliary value A 0 and compensating the first auxiliary value Ai. 

15 As a result, it is possible that all cryptographic operations Fi 

are essentially identical, which requires a much smaller 
processing and/ or storage capacity from a processor system with 
which the method is carried out- In the embodiment of FIG. 8, 
the operations Fi n are such adjustments of the original 

20 operations F if that these are corrected for the auxiliary value A x 

and in addition combine the tertiary auxiliary value W = Ao © Ai 
with their result. In other words, if RDi 6) A a is fed to F" , the 
result will be equal to 
FDi 1 =Fi (RDx) © W. 

25 It will be understood by those skilled in the art that the 

combinatory processes AC i# BC± and HC± may be carried out in 
different locations in the cryptographic process P to achieve a 
comparable or even identical effect. 

FIG. 9 schematically shows a circuit 10 for implementing 

30 the method according to the invention. The circuit 10 comprises 

a first memory 11, a second memory 12 and a processor 13, the 
memories 11 and 12 and the processor 13 being coupled using a 
data bus 14. By providing two memories, it is possible each time 
to carry out a substep of one of the processes P and P* (see FIG. 

35 4) , to store the result of said substep in, e.g., the first 

memory 11, and from the second memory 12 to transfer a previous 
interim result from the other process to the processor 13 . In 
this manner, it is possible to efficiently carry out the 
alternating computation of substeps of two different processes. 

40 The payment system schematically shown in FIG. 10 comprises 

an electronic payment means 1 and a payment station 2. The 
electronic payment means 1 is, e.g., a so-called smart card, 
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i.e., a card provided with an integrated circuit for storing and 
processing payment data. The payment station 2 comprises a card 
reader 21 and a processor circuit 22. The processor circuit 22 
may correspond to the circuit 10 of FIG. 9. 
5 At the beginning of a transaction, the payment means 1 

transmits an identification (card identification) ID to the 
payment station 2. By reference to said identification, the 
payment station 2 determines a key which will be used for said 
transaction* Said identification ID may be fed as input data X 

10 {see the figures 1-3) to a cryptographic process which, on the 

basis of a master key MK, produces an identification -dependent 
transaction key K ID as output data Y. In accordance with the 
invention, for this purpose the process shown in the figures FIG. 
2 and 3 is used, the master key MK having been converted in 

15 advance, using a process R, into a supplementary master key MK* . 

Said supplementary master key MK* is now fed, preferably together 
with the identification ID, in accordance with FIG* 3, to the 
supplementary process P* in order to reproduce the original 
master key MK and to derive the transaction key K ID from the 

20 identification ID. 

Although, in the figures FIG. 2 and 3, there is always 
shown one single supplementary process P*, there may possibly be 
used several processes P* , P**, p***, — in series and/or in 
parallel to derive the primary key K. 

25 It will be understood by those skilled in the art that many 

modifications and amendments are possible without departing from 
the scope of the invention. 
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CLAIMS 

1. Method for cryptographically processing data, comprising 
feeding, to a cryptographic process (P) , values, namely, the data 

(X) and a key (K) , and carrying out the process r {P) in order to 
form cryptographically processed output data (Y) , characterised 
by feeding, to the process (P) , auxiliary values {K*; A, B) and 
compensating, by an auxiliary process, the influence of the 
auxiliary values to the output data, in order to mask the values 

(K; D) used in the process (P) . 

2. Method according to claim 1, wherein an auxiliary value 
comprises a supplementary key (K*) which is fed to a 
supplementary process (P*) in order to form the key (K) . 

3. Method according to claim 2, wherein the supplementary 
process (P*> comprises a cryptographic process to which an 
auxiliary key (KM is fed. 

4. Method according to claim 2 or 3, wherein the supplementary 
process (P*) is an invertible process. 

5. Method according to claim 2, 3 or 4, wherein the data (X) 
is also fed to the supplementary process (P*) . 

6. Method according to claim 5, wherein carrying out the 
supplementary process (P*) takes place exclusively if the data 
(X) has predetermined properties. 

7 . Method according to any of the claims 2-6, wherein the 
process (P) and the supplementary process (P*) each are built up 
from a number of steps, and wherein steps of the process (P) and 
the supplementary process (P*) are alternated. 

8. Method according to any of the preceding claims, wherein 
the process (P) comprises a number of steps (Si) , each having a 
cryptographic operation {Fi, Fi T , Fi") for processing right-hand 
data (RDi) derived from the data (X) and a combinatory operation 
(Ci) for combining with left-hand data (LDi) also derived from the 
data (X), the processed right-hand data (FDi) in order to form 
modified left data (SDi), and wherein the right-hand data (RDi) is 
combined with a primary auxiliary value (Ai) prior to the first 
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9. Method according to claim 8 wherein, immediately after the 
last step (S n > , the right-hand data (KD n ) is combined with a 
further primary auxiliary value (A n ) and the modified left-hand 
data (SD n ') is combined with a further additional auxiliary value 

5 (An+l) . 

10. Method according to claim 8 or 9, wherein the right-hand 
data (RT>i) is combined, in each step (Si) and prior to the 
operation (Fi'>, with the primary auxiliary value (Ai) of said 

10 step (S ± ) . 

11. Method according to claim 10, wherein the processed right- 
hand data (FDi) is combined, following the operation (Fi) , with 
the secondary auxiliary value <Bi) of said step (Si) . 

15 

12. Method according to claims 10 and 11, wherein the secondary 
auxiliary value (B t ) of a step (Si) is formed from the combination 
of the primary auxiliary value (Ai-!) of the preceding step and 
the primary auxiliary value (A i+1 ) of the next step, 

13. Method according to any of the claims 8-12, wherein all 
primary auxiliary values (Ai) are equal. 

14. Method according to any of the claims 9-13, wherein the 
25 primary auxiliary values (A ± ) and/or secondary auxiliary values 

(B ± ) have each time been combined with the respective operation 
(Fi) in advance. 

15. Method according to claim 14, wherein a combined operation 
30 (Fi 1 ) contains several tables, and wherein the tables are 

determined in a different order each time the process (P) is 
carried out. 



20 



35 



40 



16. Method according to claim 14 or 15, wherein a combined 
operation (Fi f ) contains several tables, and wherein the elements 
of the tables are determined and/or stored in a different order 
each time the process (P) is carried out. 

17. Method according to claim 16, wherein the order is stored 
as a lookup table for the benefit of reading out the elements. 

18. Method according to any of the claims 8-17, wherein the 
right-hand data (RD ± ) is combined with a tertiary auxiliary value 
(Wi) after each step (Si) . 
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19. Method according to claim 18, wherein the tertiary 
auxiliary value (Wi) in all steps, except the last one (S n ) is 
equal to the combination of the primary auxiliary value (A x ) of 
the first step (Si) and the additional auxiliary value (A 0 ) , and 

5 in the last step (S n ) is equal to zero. 

20. Method according to any of the claims 8-19 , wherein 
combining is carried out using an XOR operation. 



10 21. Method according to any of the preceding claims, wherein 

the data (X) comprises identification data of a payment means (1) 
and the processed data (Y) forms a diversified key. 



22. Method according to any of the preceding claims, wherein 
15 the process (P) comprises DES, preferably triple BES. 

23. Circuit (10) for carrying out the method according to any 
of the preceding claims. 

20 24. Payment card (1), provided with a circuit (10) according to 

claim 23 . 



25. Payment terminal (2) provided with a circuit (10) according 
to claim 23 „ 
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referred to above. 



I acknowledge the duty to disclose information which is material to the 
patentability of this application in accordance with Title 37, Code of Federal 
Regulations section 1.56. 

I hereby claim foreign priority benefits under Section 119 of Title 35, United 
States Code for the above-identified US patent application based on the patent 
or inventor's certificate identified below and having a filing date before 
that of the US patent application for which priority is claimed: 

Priority Claimed 

Application No. Country Filing Date under 35 USC 119 

1010921 NL December 30, 1998 YES 

1011544 NL March 12, 1999 YES 

1011800 NL April 15, 1999 YES 

I hereby claim the benefit under Section 120 and/or Section 119(e) of Title 35 
of the United States Code of any United States application (s ) listed below 
and, insofar as the subject matter of each of the claims of this application 
is not disclosed in the prior United States application in the manner provided 
by Section 112 of Title 35 of the United States Code, I acknowledge the duty 
to disclose material information, as defined in Section 1.56 of Title 37 of 
the Code of Federal Regulations, which occurred between the filing date of the 
prior application and the national or PCT international filing date of this 
application: 

Status 

Application Serial No. Filing Date Patented Pending Abandoned 



-1- 



First inventor: 



Full name: 



ROELOFSEN 



Gerrit 



last 



f xrsTT 



Residence address ; 



Rijndijk 60-A 
Street 



2331 AH LEIDEN The Netherlands 



zip code state 



country 



Post Office address: P.O.Box 95321 



post office & box number 



2509 CH THE HAGUE 



The Netherlands 



zip code state 



country 



Citizenship: The Netherlands 
country 




Signature: y^-'^x 
Date: ISh looj 



-3- 



Second inventor: 



Full name: 



VAN BRUCHEM 



last 



^Dir_k— Jan Jacobus 



first 



middle 



Residence address: Randveen 4 

Street 



2291 NM 



zip code 



Wateringen The Netherlands 



state 



country 



Post Office address:P.O. Box 95321 



post office & box number 



2 50 9 CH THE HAGUE 



The Netherlands 



zip code state 



country 



Citizenship: The Netherlands 
Country 



Signature : 
Date: 




-4- 



J Third inventor: 

Full name: MULLS R_ Frank 

""last fir si middle 



Residence address: Meerkoetlaan 24 



Street 

2623 NJ DELFJL The Netherlands 

zip code state country 



Post Office address: P.O. Box 95321 



post office & box number 



2509 CH THE HAGUE The Netherlands 

zip code state country 



Citizenship: The Netherlands 
Country 




Signature : 

Date: 9p? _ 9 - J Q f 



-5- 



Fourth inventor: 



Full name: ROMBAUT Willem 



last first middle 



Residence address: C.A. van Beverenplein 11 

Street 



2552 HT ^rag_HAGUE The Netherlands 

zip code "Istate"""^ country 



Post Office address: P.O. Box 95321 



post office & box number 



2509 CH The Hague The Netherlands 

zip code city country 



Citizenship: The Netherlands 

Country 



Signature : 



Date: ^ ^ <^ ^ 2 QO / 



